Vulnerabilities > Adobe > Experience Manager > 6.4.2.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-09-10 | CVE-2020-9732 | Cross-site Scripting vulnerability in Adobe Experience Manager The AEM Forms add-on for versions 6.5.5.0 (and below) and 6.4.8.2 (and below) are affected by a stored XSS vulnerability that allows users with 'Author' privileges to store malicious scripts in fields associated with the Sites component. | 9.0 |
| 2020-06-12 | CVE-2020-9651 | Cross-site Scripting vulnerability in Adobe Experience Manager Adobe Experience Manager versions 6.5 and earlier have a cross-site scripting (reflected) vulnerability. | 6.1 |
| 2020-06-12 | CVE-2020-9648 | Cross-site Scripting vulnerability in Adobe Experience Manager Adobe Experience Manager versions 6.5 and earlier have a cross-site scripting vulnerability. | 6.1 |
| 2020-06-12 | CVE-2020-9647 | Cross-site Scripting vulnerability in Adobe Experience Manager Adobe Experience Manager versions 6.5 and earlier have a cross-site scripting (dom-based) vulnerability. | 6.1 |
| 2020-06-12 | CVE-2020-9645 | Server-Side Request Forgery (SSRF) vulnerability in Adobe Experience Manager Adobe Experience Manager versions 6.5 and earlier have a blind server-side request forgery (ssrf) vulnerability. | 7.5 |
| 2020-06-12 | CVE-2020-9644 | Cross-site Scripting vulnerability in Adobe Experience Manager Adobe Experience Manager versions 6.5 and earlier have a cross-site scripting (stored) vulnerability. | 5.4 |
| 2020-06-12 | CVE-2020-9643 | Server-Side Request Forgery (SSRF) vulnerability in Adobe Experience Manager Adobe Experience Manager versions 6.5 and earlier have a server-side request forgery (ssrf) vulnerability. | 7.5 |
| 2020-03-25 | CVE-2020-3769 | Server-Side Request Forgery (SSRF) vulnerability in Adobe Experience Manager Adobe Experience Manager versions 6.5 and earlier have a server-side request forgery (ssrf) vulnerability. | 7.5 |
| 2020-01-15 | CVE-2019-16468 | Injection vulnerability in Adobe Experience Manager Adobe Experience Manager versions 6.5, 6.4, 6.3, 6.2, 6.1, and 6.0 have an user interface injection vulnerability. | 7.5 |
| 2020-01-15 | CVE-2019-16466 | Cross-site Scripting vulnerability in Adobe Experience Manager Adobe Experience Manager versions 6.5, 6.4, 6.3, 6.2, 6.1, and 6.0 have a reflected cross-site scripting vulnerability. | 6.1 |